Trouble with a redirecting virus (logs)


Here are the logs requested. I may have received some malware or rootkits from my siblings downloading their games and whatnot, so if there is something needing clarification, I will try to explain known programs to the best of my abilities.

7/21/2013 3:58:51 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

7/21/2013 12:43:19 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

7/21/2013 12:43:19 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.


In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. If you fail to do so, we will have your thread closed in THREE (3) days.

Hello there, bhk

I'm Conspire, I'll be glad to help you with your computer problems.

Please observe these rules while we work:

- Read the entire procedure.
- It is important to perform ALL actions in sequence.
- If you don't know, stop and ask! Don't keep going on.
- Please reply to this thread. Do not start a new topic.
- Stick with me till you're given the all clear.
- Remember, absence of symptoms does not mean the infection is all gone.
- Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.

IMPORTANT NOTE: Please do not delete anything unless instructed to. Remember to back up all your important data (if possible) before moving on.


I ran into this issue again recently and would like some assistance to see if my computer is riddled with any kind of malicious program possibly installed from my siblings mistreating my computer. I tend to run into suspicious programs throughout the remnants of downloads and am not familiar with how to purge these programs. I can do another DDS run and MBAM scan to provide more updated logs if you'd like! I'd like to be informed about how to prevent this from happening again as well as I don't believe Microsoft SE and MBAM are enough to keep those pesky infections away. I read a bit into root-kits and what-not but would prefer to have experienced guidance in choosing which programs to use. Thanks for the future help!

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link: How to Disable your Security Programs

====================================================

Double click on combofix.exe & follow the prompts.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.


sorry i've been dealing with college things as of late. i'll be sure to post the log sometime today after i sort school stuff unless i ran past the deadline to comply with instructions. either way i understand.


Working fine other than the usual browser freeze up for a few secs. I think it's due to the fact that my CPU is pretty outdated. It's still single-core. Well anyways after skimming through the logs I did identify some unwanted files that I thought I got rid of through scans I ran a long time ago. I haven't run into any suspicious programs though which is good.


Some of the files and registry keys that the adwcleaner got rid of like pricegong and yontoo. Either way I feel as though my computer is cleaner and more secure after everything. I haven't run into that redirecting virus either.

It is very important that you get all of the critical updates for your Operating System and Internet Explorer. Keeping your OS and browser up to date will help make you less susceptible to attacks by Trojans and viruses. Please go to Microsoft and download all the critical updates to help prevent possible re-infection.

Passwords

It is good security practice to change your passwords to all your online accounts on a fairly regular basis; this is especially true after an infection. Refer to this Microsoft article.

To help protect your computer in the future I recommend that you get the following free programs if you do not already have them:

- WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
  - Green to go
  - Yellow for caution
  - Red to stop

  WOT has an add-on available for both Firefox and IE.
- SpywareBlaster prevents the installation of ActiveX-based malware, blocks cookies, and restricts the actions of "bad" sites. See tutorial here
- MVPS HOSTS FILE replaces your current HOSTS file with one that will restrict known ad sites from serving you unsolicited advertisements. It basically prevents your computer from connecting to those sites by redirecting the attempted connections to 127.0.0.1, which is the IP of your local computer. See guide here and for Windows Vista here